@kagal/taistamp 0.0.1

package/LICENCE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Apptly Software Ltd <oss@apptly.co>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,231 @@
+# @kagal/taistamp
+
+Platform-neutral handler for `/.well-known/taistamp` —
+serves signed [TAI64N][tai64n] timestamps over HTTP for
+clients that need authenticated wall-clock time without
+running an NTP stack or trusting an unauthenticated TLS
+handshake clock.
+
+## Install
+
+```sh
+pnpm add @kagal/taistamp
+```
+
+## Handler
+
+```typescript
+import { newTaistampHandler, TAI64N_PATH } from '@kagal/taistamp';
+
+const taistamp = newTaistampHandler();
+
+// Worker fetch handler
+export default {
+  async fetch(request: Request): Promise<Response> {
+    if (new URL(request.url).pathname === TAI64N_PATH) {
+      return taistamp(request);
+    }
+    // ...
+  },
+};
+
+// Hono route
+app.get(TAI64N_PATH, (c) => taistamp(c.req.raw));
+```
+
+`newTaistampHandler()` returns an
+`async (request) => Response`. `GET` and `HEAD` succeed
+with a fresh 25-byte TAI64N label
+(`@<sec-hi><sec-lo><nano>`); other methods return `405`
+with `Allow: GET, HEAD`. A request that carries more
+than one `TAI-Nonce` header is rejected with `400` —
+stricter than the spec's "treat as absent" rule, since
+a duplicated singleton field is malformed input.
+
+Response headers on success:
+
+| Header | Value |
+|--------|-------|
+| `Content-Type` | `application/tai64n` |
+| `Content-Length` | `25` |
+| `Cache-Control` | `no-store` |
+| `TAI-Leap-Seconds` | decimal count (e.g. `37`), always present |
+
+A request `TAI-Nonce` is echoed verbatim in the
+response. `HEAD` responses carry the same headers as
+the corresponding `GET` but never include
+`TAI-Key-Selector` or `TAI-Signature` — the signed
+payload covers the response body, so a `HEAD` cannot
+be verified.
+
+## Signing
+
+```typescript
+import {
+  newEd25519Signer,
+  newTaistampHandler,
+} from '@kagal/taistamp';
+
+const taistamp = newTaistampHandler({
+  selector: 'sel2026q2',
+  signer: newEd25519Signer(privateKey),
+});
+```
+
+`signer` and `selector` are co-required: pass both to
+sign, neither for an unsigned handler. Construction
+throws if only one is supplied, or if `selector` does
+not match `[A-Za-z][A-Za-z0-9_-]{0,62}` (a single
+DNS-safe label that starts with a letter and is also a
+valid Structured Field token).
+
+When the request is a `GET` carrying a `TAI-Nonce` of
+14–174 octets *and* a signer is configured, the
+response gains:
+
+- `TAI-Key-Selector: <selector>`
+- `TAI-Signature: :<base64>:` (sf-binary, RFC 8941)
+  over the framed payload.
+
+`HEAD`, `405`, nonce-less, and out-of-range-nonce
+responses are never signed.
+
+The framed payload is:
+
+```text
+'taistamp-v1\0' || labelBytes || leapU32BE
+              || selectorLen(u8) || selectorBytes
+              || nonceBytes
+```
+
+- `taistamp-v1\0` — domain-separation tag with
+  trailing NUL, so the same key cannot be tricked
+  into signing for any other protocol.
+- `labelBytes` — the 25 ASCII bytes of the TAI64N
+  label.
+- `leapU32BE` — leap-seconds count as a 4-byte
+  big-endian unsigned integer.
+- `selectorLen` / `selectorBytes` — the selector
+  length-prefixed by a single byte, so a downgrade
+  attacker cannot rewrite `TAI-Key-Selector` without
+  invalidating the signature.
+- `nonceBytes` — the request nonce, verbatim
+  (including any sf-binary `:` framing).
+
+`newEd25519Signer(key: CryptoKey)` is the built-in
+signer — pass an Ed25519 private `CryptoKey` with
+`'sign'` usage and the response carries a 64-byte
+RFC 8032 signature. The `Signer` interface is
+HSM/KMS-friendly:
+
+```typescript
+interface Signer {
+  sign: (message: BufferSource) => Promise<ArrayBuffer>;
+}
+```
+
+## DNS publication
+
+Publish the public key as a DNS `TXT` record at
+`<selector>._taistamp.<host>` (DKIM-style). The same
+host that serves `/.well-known/taistamp`. Verifiers
+read the selector from the `TAI-Key-Selector` response
+header and look up the matching record.
+
+TXT record format (single string, ≤ 255 bytes,
+DKIM/DMARC-style tag-value list):
+
+```text
+v=tai1; k=ed25519; p=<base64-of-32-raw-pubkey-bytes>
+```
+
+| Tag | Value |
+|-----|-------|
+| `v` | Protocol version. `tai1` for the framing in this README. |
+| `k` | Key algorithm. `ed25519` for the only algorithm currently defined. |
+| `p` | Public key, standard base64. For Ed25519: 32 raw bytes → 43-44 chars. |
+
+Rotate by publishing a new selector alongside the old
+one, switching the handler over to the new selector,
+then removing the old TXT once cached responses have
+expired. Verifiers cache by selector, so old
+signatures stay verifiable until their TXT is removed.
+
+## Verifying
+
+```typescript
+import { taistampSignedPayload } from '@kagal/taistamp';
+
+const response = await fetch(taistampURL, {
+  headers: { 'TAI-Nonce': clientNonce },
+});
+const label = await response.text();
+const leap = Number(response.headers.get('TAI-Leap-Seconds'));
+const selector = response.headers.get('TAI-Key-Selector')!;
+const sigSf = response.headers.get('TAI-Signature')!;
+
+// Look up the public key in DNS at
+// `${selector}._taistamp.${host}` and parse the
+// `p=` tag from the TXT record.
+const publicKey = await loadPublicKey(host, selector);
+
+const payload = taistampSignedPayload(
+  label,
+  leap,
+  selector,
+  clientNonce,
+);
+const valid = await crypto.subtle.verify(
+  'Ed25519',
+  publicKey,
+  sfBinaryDecode(sigSf), // strip leading/trailing ':' then base64-decode
+  payload,
+);
+```
+
+`taistampSignedPayload(label, leapSeconds, selector,
+nonce)` reconstructs the exact byte sequence the
+server signed; the verifier supplies only the public
+key and an sf-binary decoder. Comparing the verifier's
+recorded nonce against the response's `TAI-Nonce`
+defends against replay.
+
+## TAI64N helpers
+
+The handler uses these primitives internally; they
+are re-exported for callers that need raw TAI64N
+construction:
+
+| Export | Description |
+|--------|-------------|
+| `now()` | Current TAI as `{ sec, nano, offset }` |
+| `fromUTC(utc)` | `Date.now()`-shaped milliseconds → TAI timestamp |
+| `tai64nLabel(t?)` | 25-byte label string for a timestamp (or `now()`) |
+| `tai64nLabelFromUTC(utc)` | Shortcut for `tai64nLabel(fromUTC(utc))` |
+
+`fromUTC` applies the constant `TAI_OFFSET` (currently
+37 seconds). Historic UTC timestamps spanning a
+leap-second boundary need caller-side adjustment —
+the constant tracks the present, not history.
+
+## Constants
+
+| Name | Value |
+|------|-------|
+| `TAI64N_PATH` | `/.well-known/taistamp` |
+| `TAI64N_CONTENT_TYPE` | `application/tai64n` |
+| `TAI64N_CONTENT_LENGTH` | `25` |
+| `TAI64N_HEADER_KEY_SELECTOR` | `TAI-Key-Selector` |
+| `TAI64N_HEADER_LEAP_SECONDS` | `TAI-Leap-Seconds` |
+| `TAI64N_HEADER_NONCE` | `TAI-Nonce` |
+| `TAI64N_HEADER_SIGNATURE` | `TAI-Signature` |
+| `TAI_OFFSET` | `37` |
+| `TAI64_EPOCH_HI` | `0x40000000` |
+
+## Licence
+
+[MIT][mit]
+
+<!-- references -->
+[mit]: ../../LICENCE.txt
+[tai64n]: https://cr.yp.to/libtai/tai64.html

package/dist/index.d.mts

@@ -0,0 +1,185 @@
+declare const TAI_OFFSET: number;
+declare const TAI64N_PATH = "/.well-known/taistamp";
+declare const TAI64N_CONTENT_TYPE = "application/tai64n";
+declare const TAI64N_CONTENT_LENGTH: number;
+declare const TAI64N_HEADER_KEY_SELECTOR = "TAI-Key-Selector";
+declare const TAI64N_HEADER_LEAP_SECONDS = "TAI-Leap-Seconds";
+declare const TAI64N_HEADER_NONCE = "TAI-Nonce";
+declare const TAI64N_HEADER_SIGNATURE = "TAI-Signature";
+declare const TAI64_EPOCH_HI = 1073741824;
+
+/**
+ * Generic signer abstraction over a private key.
+ *
+ * @remarks
+ * The handler doesn't care which algorithm or key
+ * store produced the signature, only that signing
+ * succeeded. Pluggable so consumers can wire in
+ * HSM-backed, KMS-backed, or in-process WebCrypto
+ * signers without touching the handler. Verifiers
+ * must agree on the algorithm and the public key
+ * out-of-band — typically by pinning the public key
+ * to a DNS TXT record.
+ */
+interface Signer {
+    /**
+     * Produce a signature over `message`.
+     *
+     * @param message - bytes to sign; the caller is
+     *   responsible for any framing or domain separation.
+     *   Typed as {@link BufferSource} to match WebCrypto's
+     *   own input shape — any `ArrayBuffer` or typed-array
+     *   view is accepted.
+     * @returns the raw signature bytes (algorithm-defined
+     *   length and encoding) as an `ArrayBuffer`, matching
+     *   WebCrypto's native output shape
+     */
+    sign: (message: BufferSource) => Promise<ArrayBuffer>;
+}
+/**
+ * Build a {@link Signer} backed by a WebCrypto Ed25519
+ * private `CryptoKey`.
+ *
+ * @param key - Ed25519 private key with `'sign'` in
+ *   `key.usages`. The algorithm `name` must be
+ *   `'Ed25519'`.
+ * @returns a {@link Signer} producing 64-byte raw
+ *   Ed25519 signatures (R ‖ s, RFC 8032)
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8032}
+ */
+declare const newEd25519Signer: (key: CryptoKey) => Signer;
+
+/**
+ * Compose the byte sequence covered by a TAI-Signature.
+ *
+ * @param label - the 25-byte TAI64N label string the
+ *   server is returning
+ * @param leapSeconds - the leap-seconds count the server
+ *   advertises in `TAI-Leap-Seconds`
+ * @param selector - the key selector the server
+ *   advertises in `TAI-Key-Selector`; verifiers use
+ *   this to look up the public key in DNS at
+ *   `<selector>._taistamp.<host>`
+ * @param nonce - the client-supplied nonce, echoed
+ *   verbatim in `TAI-Nonce`
+ * @returns the byte sequence verifiers reconstruct
+ *   from the response and pass to their public-key
+ *   verify routine. The framing is the
+ *   domain-separation tag (`taistamp-v1` plus a
+ *   trailing NUL byte), then the label bytes, then
+ *   the leap-seconds count as a 4-byte big-endian
+ *   unsigned integer, then a 1-byte selector length,
+ *   then the selector bytes, then the nonce bytes.
+ *
+ * @remarks
+ * Binding the selector into the signed payload stops a
+ * downgrade attacker from rewriting `TAI-Key-Selector`
+ * to point at a compromised or weaker key — the
+ * signature would no longer verify under that key.
+ * `leapSeconds` is encoded as a 4-byte big-endian
+ * unsigned integer; the selector is length-prefixed by
+ * a single byte (selectors are ≤ 63 chars per
+ * {@link newTaistampHandler}'s validation).
+ */
+declare const taistampSignedPayload: (label: string, leapSeconds: number, selector: string, nonce: string) => ArrayBuffer;
+/**
+ * Configuration for {@link newTaistampHandler}.
+ *
+ * @remarks
+ * `signer` and `selector` are co-required: pass both
+ * to enable authenticated responses, or neither for
+ * an unsigned handler. Passing only one is rejected
+ * at construction time — without the selector
+ * verifiers cannot find the key in DNS, and a
+ * selector without a signer is a misconfiguration.
+ */
+interface TaistampHandlerConfig {
+    /**
+     * Key selector advertised in the `TAI-Key-Selector`
+     * response header and bound into the signed payload.
+     * Verifiers look up the public key at
+     * `<selector>._taistamp.<host>` in DNS.
+     *
+     * Must match `[A-Za-z][A-Za-z0-9_-]{0,62}` (a single
+     * DNS label starting with a letter, using
+     * DKIM-compatible characters and a valid sf-token);
+     * rotate by changing the selector and publishing a
+     * new TXT record.
+     */
+    selector?: string;
+    /**
+     * {@link Signer} that produces `TAI-Signature` over
+     * the framed payload from {@link taistampSignedPayload}.
+     * Without a signer the nonce is still echoed but the
+     * response is unsigned.
+     */
+    signer?: Signer;
+}
+/**
+ * Build a handler for `/.well-known/taistamp`.
+ *
+ * @param config - optional {@link TaistampHandlerConfig}
+ * @returns an `async (request) => Response` callable
+ *   directly as a Web `fetch` handler or as a Hono
+ *   route handler.
+ *
+ * @throws TypeError if `signer` and `selector` are not
+ *   both set or both unset, or if `selector` does not
+ *   match `[A-Za-z][A-Za-z0-9_-]{0,62}`.
+ *
+ * @remarks
+ * Behaviour:
+ *
+ * - `GET` / `HEAD` — body is a fresh 25-byte TAI64N
+ *   label (`HEAD` omits the body). Response headers:
+ *   Content-Type `application/tai64n`, Content-Length
+ *   `25`, Cache-Control `no-store`, plus
+ *   `TAI-Leap-Seconds` carrying the current count.
+ * - Any other method — `405 Method Not Allowed` with
+ *   `Allow: GET, HEAD`.
+ * - Request with more than one `TAI-Nonce` header —
+ *   `400 Bad Request`. Stricter than the spec's
+ *   "treat as absent" rule: a duplicated singleton
+ *   field is malformed input, so we refuse rather
+ *   than silently down-ranking it to unsigned.
+ * - Request `TAI-Nonce` — the value is echoed verbatim
+ *   in the response.
+ * - Request `TAI-Nonce` *and* `signer` configured *and*
+ *   the request method is `GET` *and* the nonce field
+ *   value is between 14 and 174 octets — adds
+ *   `TAI-Key-Selector` and `TAI-Signature` (sf-binary)
+ *   over the bytes produced by
+ *   {@link taistampSignedPayload}. The
+ *   domain-separation tag means the same key cannot
+ *   be tricked into producing valid signatures for
+ *   other protocols. `HEAD` and `405` responses are
+ *   never signed.
+ *
+ * The corresponding public key is expected to be
+ * published out-of-band as a DNS TXT record at
+ * `<selector>._taistamp.<host>` — verifiers fetch the
+ * key by selector so the operator can rotate keys by
+ * publishing a new selector while the old one is
+ * still cached.
+ *
+ * @see {@link https://cr.yp.to/libtai/tai64.html} for
+ *   TAI64N format
+ */
+declare const newTaistampHandler: (config?: TaistampHandlerConfig) => ((request: Request) => Promise<Response>);
+
+type timestamp = {
+    nano: number;
+    sec: number;
+    offset?: number;
+};
+declare const fromUTC: (utc: number) => timestamp;
+declare const now: () => timestamp;
+declare const tai64nLabel: (value?: timestamp) => string;
+declare const tai64nLabelFromUTC: (utc: number) => string;
+
+/** Package version from package.json. */
+declare const VERSION: string;
+
+export { TAI64N_CONTENT_LENGTH, TAI64N_CONTENT_TYPE, TAI64N_HEADER_KEY_SELECTOR, TAI64N_HEADER_LEAP_SECONDS, TAI64N_HEADER_NONCE, TAI64N_HEADER_SIGNATURE, TAI64N_PATH, TAI64_EPOCH_HI, TAI_OFFSET, VERSION, fromUTC, newEd25519Signer, newTaistampHandler, now, tai64nLabel, tai64nLabelFromUTC, taistampSignedPayload };
+export type { Signer, TaistampHandlerConfig };

package/dist/index.d.ts

@@ -0,0 +1,185 @@
+declare const TAI_OFFSET: number;
+declare const TAI64N_PATH = "/.well-known/taistamp";
+declare const TAI64N_CONTENT_TYPE = "application/tai64n";
+declare const TAI64N_CONTENT_LENGTH: number;
+declare const TAI64N_HEADER_KEY_SELECTOR = "TAI-Key-Selector";
+declare const TAI64N_HEADER_LEAP_SECONDS = "TAI-Leap-Seconds";
+declare const TAI64N_HEADER_NONCE = "TAI-Nonce";
+declare const TAI64N_HEADER_SIGNATURE = "TAI-Signature";
+declare const TAI64_EPOCH_HI = 1073741824;
+
+/**
+ * Generic signer abstraction over a private key.
+ *
+ * @remarks
+ * The handler doesn't care which algorithm or key
+ * store produced the signature, only that signing
+ * succeeded. Pluggable so consumers can wire in
+ * HSM-backed, KMS-backed, or in-process WebCrypto
+ * signers without touching the handler. Verifiers
+ * must agree on the algorithm and the public key
+ * out-of-band — typically by pinning the public key
+ * to a DNS TXT record.
+ */
+interface Signer {
+    /**
+     * Produce a signature over `message`.
+     *
+     * @param message - bytes to sign; the caller is
+     *   responsible for any framing or domain separation.
+     *   Typed as {@link BufferSource} to match WebCrypto's
+     *   own input shape — any `ArrayBuffer` or typed-array
+     *   view is accepted.
+     * @returns the raw signature bytes (algorithm-defined
+     *   length and encoding) as an `ArrayBuffer`, matching
+     *   WebCrypto's native output shape
+     */
+    sign: (message: BufferSource) => Promise<ArrayBuffer>;
+}
+/**
+ * Build a {@link Signer} backed by a WebCrypto Ed25519
+ * private `CryptoKey`.
+ *
+ * @param key - Ed25519 private key with `'sign'` in
+ *   `key.usages`. The algorithm `name` must be
+ *   `'Ed25519'`.
+ * @returns a {@link Signer} producing 64-byte raw
+ *   Ed25519 signatures (R ‖ s, RFC 8032)
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8032}
+ */
+declare const newEd25519Signer: (key: CryptoKey) => Signer;
+
+/**
+ * Compose the byte sequence covered by a TAI-Signature.
+ *
+ * @param label - the 25-byte TAI64N label string the
+ *   server is returning
+ * @param leapSeconds - the leap-seconds count the server
+ *   advertises in `TAI-Leap-Seconds`
+ * @param selector - the key selector the server
+ *   advertises in `TAI-Key-Selector`; verifiers use
+ *   this to look up the public key in DNS at
+ *   `<selector>._taistamp.<host>`
+ * @param nonce - the client-supplied nonce, echoed
+ *   verbatim in `TAI-Nonce`
+ * @returns the byte sequence verifiers reconstruct
+ *   from the response and pass to their public-key
+ *   verify routine. The framing is the
+ *   domain-separation tag (`taistamp-v1` plus a
+ *   trailing NUL byte), then the label bytes, then
+ *   the leap-seconds count as a 4-byte big-endian
+ *   unsigned integer, then a 1-byte selector length,
+ *   then the selector bytes, then the nonce bytes.
+ *
+ * @remarks
+ * Binding the selector into the signed payload stops a
+ * downgrade attacker from rewriting `TAI-Key-Selector`
+ * to point at a compromised or weaker key — the
+ * signature would no longer verify under that key.
+ * `leapSeconds` is encoded as a 4-byte big-endian
+ * unsigned integer; the selector is length-prefixed by
+ * a single byte (selectors are ≤ 63 chars per
+ * {@link newTaistampHandler}'s validation).
+ */
+declare const taistampSignedPayload: (label: string, leapSeconds: number, selector: string, nonce: string) => ArrayBuffer;
+/**
+ * Configuration for {@link newTaistampHandler}.
+ *
+ * @remarks
+ * `signer` and `selector` are co-required: pass both
+ * to enable authenticated responses, or neither for
+ * an unsigned handler. Passing only one is rejected
+ * at construction time — without the selector
+ * verifiers cannot find the key in DNS, and a
+ * selector without a signer is a misconfiguration.
+ */
+interface TaistampHandlerConfig {
+    /**
+     * Key selector advertised in the `TAI-Key-Selector`
+     * response header and bound into the signed payload.
+     * Verifiers look up the public key at
+     * `<selector>._taistamp.<host>` in DNS.
+     *
+     * Must match `[A-Za-z][A-Za-z0-9_-]{0,62}` (a single
+     * DNS label starting with a letter, using
+     * DKIM-compatible characters and a valid sf-token);
+     * rotate by changing the selector and publishing a
+     * new TXT record.
+     */
+    selector?: string;
+    /**
+     * {@link Signer} that produces `TAI-Signature` over
+     * the framed payload from {@link taistampSignedPayload}.
+     * Without a signer the nonce is still echoed but the
+     * response is unsigned.
+     */
+    signer?: Signer;
+}
+/**
+ * Build a handler for `/.well-known/taistamp`.
+ *
+ * @param config - optional {@link TaistampHandlerConfig}
+ * @returns an `async (request) => Response` callable
+ *   directly as a Web `fetch` handler or as a Hono
+ *   route handler.
+ *
+ * @throws TypeError if `signer` and `selector` are not
+ *   both set or both unset, or if `selector` does not
+ *   match `[A-Za-z][A-Za-z0-9_-]{0,62}`.
+ *
+ * @remarks
+ * Behaviour:
+ *
+ * - `GET` / `HEAD` — body is a fresh 25-byte TAI64N
+ *   label (`HEAD` omits the body). Response headers:
+ *   Content-Type `application/tai64n`, Content-Length
+ *   `25`, Cache-Control `no-store`, plus
+ *   `TAI-Leap-Seconds` carrying the current count.
+ * - Any other method — `405 Method Not Allowed` with
+ *   `Allow: GET, HEAD`.
+ * - Request with more than one `TAI-Nonce` header —
+ *   `400 Bad Request`. Stricter than the spec's
+ *   "treat as absent" rule: a duplicated singleton
+ *   field is malformed input, so we refuse rather
+ *   than silently down-ranking it to unsigned.
+ * - Request `TAI-Nonce` — the value is echoed verbatim
+ *   in the response.
+ * - Request `TAI-Nonce` *and* `signer` configured *and*
+ *   the request method is `GET` *and* the nonce field
+ *   value is between 14 and 174 octets — adds
+ *   `TAI-Key-Selector` and `TAI-Signature` (sf-binary)
+ *   over the bytes produced by
+ *   {@link taistampSignedPayload}. The
+ *   domain-separation tag means the same key cannot
+ *   be tricked into producing valid signatures for
+ *   other protocols. `HEAD` and `405` responses are
+ *   never signed.
+ *
+ * The corresponding public key is expected to be
+ * published out-of-band as a DNS TXT record at
+ * `<selector>._taistamp.<host>` — verifiers fetch the
+ * key by selector so the operator can rotate keys by
+ * publishing a new selector while the old one is
+ * still cached.
+ *
+ * @see {@link https://cr.yp.to/libtai/tai64.html} for
+ *   TAI64N format
+ */
+declare const newTaistampHandler: (config?: TaistampHandlerConfig) => ((request: Request) => Promise<Response>);
+
+type timestamp = {
+    nano: number;
+    sec: number;
+    offset?: number;
+};
+declare const fromUTC: (utc: number) => timestamp;
+declare const now: () => timestamp;
+declare const tai64nLabel: (value?: timestamp) => string;
+declare const tai64nLabelFromUTC: (utc: number) => string;
+
+/** Package version from package.json. */
+declare const VERSION: string;
+
+export { TAI64N_CONTENT_LENGTH, TAI64N_CONTENT_TYPE, TAI64N_HEADER_KEY_SELECTOR, TAI64N_HEADER_LEAP_SECONDS, TAI64N_HEADER_NONCE, TAI64N_HEADER_SIGNATURE, TAI64N_PATH, TAI64_EPOCH_HI, TAI_OFFSET, VERSION, fromUTC, newEd25519Signer, newTaistampHandler, now, tai64nLabel, tai64nLabelFromUTC, taistampSignedPayload };
+export type { Signer, TaistampHandlerConfig };

package/dist/index.mjs

@@ -0,0 +1,142 @@
+const version = "0.0.1";
+const pkg = {
+	version: version};
+
+const TAI_OFFSET = 37;
+const TAI64N_PATH = "/.well-known/taistamp";
+const TAI64N_CONTENT_TYPE = "application/tai64n";
+const TAI64N_CONTENT_LENGTH = 1 + 16 + 8;
+const TAI64N_HEADER_KEY_SELECTOR = "TAI-Key-Selector";
+const TAI64N_HEADER_LEAP_SECONDS = "TAI-Leap-Seconds";
+const TAI64N_HEADER_NONCE = "TAI-Nonce";
+const TAI64N_HEADER_SIGNATURE = "TAI-Signature";
+const TAI64_EPOCH_HI = 1073741824;
+
+const fromUTC = (utc) => {
+  const sec = Math.floor(utc / 1e3) + TAI_OFFSET;
+  const nano = utc % 1e3 * 1e6;
+  return { sec, nano, offset: TAI_OFFSET };
+};
+const now = () => {
+  const utc = Date.now();
+  return fromUTC(utc);
+};
+const tai64nLabel = (value) => {
+  const { sec, nano } = value ?? now();
+  const secHi = Math.trunc(sec / u32Range) + TAI64_EPOCH_HI;
+  const secLo = sec % u32Range;
+  const secHiHex = secHi.toString(16).padStart(8, "0");
+  const secLoHex = secLo.toString(16).padStart(8, "0");
+  const nanoHex = nano.toString(16).padStart(8, "0");
+  return `@${secHiHex}${secLoHex}${nanoHex}`;
+};
+const tai64nLabelFromUTC = (utc) => tai64nLabel(fromUTC(utc));
+const u32Range = 4294967296;
+
+const SELECTOR_PATTERN = /^[A-Za-z][\dA-Za-z_-]{0,62}$/;
+const NONCE_MIN_OCTETS = 14;
+const NONCE_MAX_OCTETS = 174;
+const textEncoder = new TextEncoder();
+const DOMAIN_SEPARATOR = textEncoder.encode("taistamp-v1\0");
+const asBytes = (source) => {
+  if (source instanceof Uint8Array) {
+    return source;
+  }
+  if (ArrayBuffer.isView(source)) {
+    return new Uint8Array(
+      source.buffer,
+      source.byteOffset,
+      source.byteLength
+    );
+  }
+  return new Uint8Array(source);
+};
+const encodeStructuredBinary = (source) => {
+  const bytes = asBytes(source);
+  const standard = btoa(String.fromCodePoint(...bytes));
+  return `:${standard}:`;
+};
+const taistampSignedPayload = (label, leapSeconds, selector, nonce) => {
+  const labelBytes = textEncoder.encode(label);
+  const selectorBytes = textEncoder.encode(selector);
+  const nonceBytes = textEncoder.encode(nonce);
+  const buffer = new ArrayBuffer(
+    DOMAIN_SEPARATOR.length + labelBytes.length + 4 + 1 + selectorBytes.length + nonceBytes.length
+  );
+  const view = new Uint8Array(buffer);
+  let offset = 0;
+  view.set(DOMAIN_SEPARATOR, offset);
+  offset += DOMAIN_SEPARATOR.length;
+  view.set(labelBytes, offset);
+  offset += labelBytes.length;
+  new DataView(buffer).setUint32(offset, leapSeconds, false);
+  offset += 4;
+  view[offset] = selectorBytes.length;
+  offset += 1;
+  view.set(selectorBytes, offset);
+  offset += selectorBytes.length;
+  view.set(nonceBytes, offset);
+  return buffer;
+};
+const newTaistampHandler = (config = {}) => {
+  const { selector, signer } = config;
+  if (signer === void 0 !== (selector === void 0)) {
+    throw new TypeError(
+      "newTaistampHandler: signer and selector must be set together"
+    );
+  }
+  if (selector !== void 0 && !SELECTOR_PATTERN.test(selector)) {
+    throw new TypeError(
+      `newTaistampHandler: selector must match ${SELECTOR_PATTERN.source}`
+    );
+  }
+  return async (request) => {
+    if (request.method !== "GET" && request.method !== "HEAD") {
+      return new Response(void 0, {
+        status: 405,
+        headers: { allow: "GET, HEAD" }
+      });
+    }
+    const nonce = request.headers.get(TAI64N_HEADER_NONCE);
+    if (nonce !== null && nonce.includes(",")) {
+      return new Response(void 0, { status: 400 });
+    }
+    const label = tai64nLabel();
+    const headers = new Headers({
+      "cache-control": "no-store",
+      "content-length": String(TAI64N_CONTENT_LENGTH),
+      "content-type": TAI64N_CONTENT_TYPE,
+      [TAI64N_HEADER_LEAP_SECONDS]: String(TAI_OFFSET)
+    });
+    if (nonce !== null) {
+      headers.set(TAI64N_HEADER_NONCE, nonce);
+      const nonceLength = textEncoder.encode(nonce).length;
+      const inRange = nonceLength >= NONCE_MIN_OCTETS && nonceLength <= NONCE_MAX_OCTETS;
+      if (request.method === "GET" && signer !== void 0 && selector !== void 0 && inRange) {
+        const message = taistampSignedPayload(
+          label,
+          TAI_OFFSET,
+          selector,
+          nonce
+        );
+        const signature = await signer.sign(message);
+        headers.set(TAI64N_HEADER_KEY_SELECTOR, selector);
+        headers.set(
+          TAI64N_HEADER_SIGNATURE,
+          encodeStructuredBinary(signature)
+        );
+      }
+    }
+    const body = request.method === "HEAD" ? void 0 : label;
+    return new Response(body, { status: 200, headers });
+  };
+};
+
+const newEd25519Signer = (key) => ({
+  sign: async (message) => crypto.subtle.sign("Ed25519", key, message)
+});
+
+const VERSION = pkg.version;
+
+export { TAI64N_CONTENT_LENGTH, TAI64N_CONTENT_TYPE, TAI64N_HEADER_KEY_SELECTOR, TAI64N_HEADER_LEAP_SECONDS, TAI64N_HEADER_NONCE, TAI64N_HEADER_SIGNATURE, TAI64N_PATH, TAI64_EPOCH_HI, TAI_OFFSET, VERSION, fromUTC, newEd25519Signer, newTaistampHandler, now, tai64nLabel, tai64nLabelFromUTC, taistampSignedPayload };
+//# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.mjs","sources":["../src/const.ts","../src/utils.ts","../src/handler.ts","../src/signer.ts","../src/index.ts"],"sourcesContent":["export const TAI_OFFSET: number = 37;\n\nexport const TAI64N_PATH = '/.well-known/taistamp';\n\nexport const TAI64N_CONTENT_TYPE = 'application/tai64n';\nexport const TAI64N_CONTENT_LENGTH = 1 + 16 + 8; // '@' + sec (16 hex chars) + nano (8 hex chars)\n\nexport const TAI64N_HEADER_KEY_SELECTOR = 'TAI-Key-Selector';\nexport const TAI64N_HEADER_LEAP_SECONDS = 'TAI-Leap-Seconds';\nexport const TAI64N_HEADER_NONCE = 'TAI-Nonce';\nexport const TAI64N_HEADER_SIGNATURE = 'TAI-Signature';\n\nexport const TAI64_EPOCH_HI = 0x40_00_00_00;\n","import { TAI64_EPOCH_HI, TAI_OFFSET } from './const';\n\ntype timestamp = {\n  nano: number\n  sec: number\n\n  offset?: number\n};\n\nexport const fromUTC = (utc: number): timestamp => {\n  // TODO: leap seconds table\n  const sec = Math.floor(utc / 1000) + TAI_OFFSET;\n  const nano = (utc % 1000) * 1e6;\n  return { sec, nano, offset: TAI_OFFSET };\n};\n\nexport const now = (): timestamp => {\n  const utc = Date.now();\n  return fromUTC(utc);\n};\n\nexport const tai64nLabel = (value?: timestamp): string => {\n  const { sec, nano } = value ?? now();\n\n  const secHi = Math.trunc(sec / u32Range) + TAI64_EPOCH_HI;\n  const secLo = sec % u32Range;\n\n  const secHiHex = secHi.toString(16).padStart(8, '0');\n  const secLoHex = secLo.toString(16).padStart(8, '0');\n  const nanoHex = nano.toString(16).padStart(8, '0');\n\n  return `@${secHiHex}${secLoHex}${nanoHex}`;\n};\n\nexport const tai64nLabelFromUTC = (utc: number): string => tai64nLabel(fromUTC(utc));\n\nconst u32Range = 0x1_00_00_00_00;\n","import type { Signer } from './signer';\nimport {\n  TAI64N_CONTENT_LENGTH,\n  TAI64N_CONTENT_TYPE,\n  TAI64N_HEADER_KEY_SELECTOR,\n  TAI64N_HEADER_LEAP_SECONDS,\n  TAI64N_HEADER_NONCE,\n  TAI64N_HEADER_SIGNATURE,\n  TAI_OFFSET,\n} from './const';\nimport { tai64nLabel } from './utils';\n\nconst SELECTOR_PATTERN = /^[A-Za-z][\\dA-Za-z_-]{0,62}$/;\n\nconst NONCE_MIN_OCTETS = 14;\nconst NONCE_MAX_OCTETS = 174;\n\nconst textEncoder = new TextEncoder();\n\n/**\n * Domain-separation tag prepended to every signed\n * payload. Versioned so a v2 protocol can use the same\n * key without colliding with v1 signatures, and\n * NUL-terminated so the boundary between tag and\n * label is unambiguous.\n */\nconst DOMAIN_SEPARATOR = textEncoder.encode('taistamp-v1\\0');\n\nconst asBytes = (source: BufferSource): Uint8Array => {\n  if (source instanceof Uint8Array) {\n    return source;\n  }\n  if (ArrayBuffer.isView(source)) {\n    return new Uint8Array(\n      source.buffer,\n      source.byteOffset,\n      source.byteLength,\n    );\n  }\n  return new Uint8Array(source);\n};\n\n/**\n * Encode `source` as a Structured Field Value sf-binary\n * item per [RFC 8941 §3.3.5]: standard base64 with `=`\n * padding, wrapped in a leading and trailing colon.\n *\n * @see {@link https://www.rfc-editor.org/rfc/rfc8941#name-byte-sequences}\n */\nconst encodeStructuredBinary = (source: BufferSource): string => {\n  // Spread is safe for the 64-byte signatures handled\n  // here; revisit if larger payloads ever land.\n  const bytes = asBytes(source);\n  const standard = btoa(String.fromCodePoint(...bytes));\n  return `:${standard}:`;\n};\n\n/**\n * Compose the byte sequence covered by a TAI-Signature.\n *\n * @param label - the 25-byte TAI64N label string the\n *   server is returning\n * @param leapSeconds - the leap-seconds count the server\n *   advertises in `TAI-Leap-Seconds`\n * @param selector - the key selector the server\n *   advertises in `TAI-Key-Selector`; verifiers use\n *   this to look up the public key in DNS at\n *   `<selector>._taistamp.<host>`\n * @param nonce - the client-supplied nonce, echoed\n *   verbatim in `TAI-Nonce`\n * @returns the byte sequence verifiers reconstruct\n *   from the response and pass to their public-key\n *   verify routine. The framing is the\n *   domain-separation tag (`taistamp-v1` plus a\n *   trailing NUL byte), then the label bytes, then\n *   the leap-seconds count as a 4-byte big-endian\n *   unsigned integer, then a 1-byte selector length,\n *   then the selector bytes, then the nonce bytes.\n *\n * @remarks\n * Binding the selector into the signed payload stops a\n * downgrade attacker from rewriting `TAI-Key-Selector`\n * to point at a compromised or weaker key — the\n * signature would no longer verify under that key.\n * `leapSeconds` is encoded as a 4-byte big-endian\n * unsigned integer; the selector is length-prefixed by\n * a single byte (selectors are ≤ 63 chars per\n * {@link newTaistampHandler}'s validation).\n */\nexport const taistampSignedPayload = (\n  label: string,\n  leapSeconds: number,\n  selector: string,\n  nonce: string,\n): ArrayBuffer => {\n  const labelBytes = textEncoder.encode(label);\n  const selectorBytes = textEncoder.encode(selector);\n  const nonceBytes = textEncoder.encode(nonce);\n\n  const buffer = new ArrayBuffer(\n    DOMAIN_SEPARATOR.length +\n    labelBytes.length +\n    4 +\n    1 +\n    selectorBytes.length +\n    nonceBytes.length,\n  );\n  const view = new Uint8Array(buffer);\n\n  let offset = 0;\n  view.set(DOMAIN_SEPARATOR, offset);\n  offset += DOMAIN_SEPARATOR.length;\n  view.set(labelBytes, offset);\n  offset += labelBytes.length;\n  new DataView(buffer).setUint32(offset, leapSeconds, false);\n  offset += 4;\n  view[offset] = selectorBytes.length;\n  offset += 1;\n  view.set(selectorBytes, offset);\n  offset += selectorBytes.length;\n  view.set(nonceBytes, offset);\n\n  return buffer;\n};\n\n/**\n * Configuration for {@link newTaistampHandler}.\n *\n * @remarks\n * `signer` and `selector` are co-required: pass both\n * to enable authenticated responses, or neither for\n * an unsigned handler. Passing only one is rejected\n * at construction time — without the selector\n * verifiers cannot find the key in DNS, and a\n * selector without a signer is a misconfiguration.\n */\nexport interface TaistampHandlerConfig {\n  /**\n   * Key selector advertised in the `TAI-Key-Selector`\n   * response header and bound into the signed payload.\n   * Verifiers look up the public key at\n   * `<selector>._taistamp.<host>` in DNS.\n   *\n   * Must match `[A-Za-z][A-Za-z0-9_-]{0,62}` (a single\n   * DNS label starting with a letter, using\n   * DKIM-compatible characters and a valid sf-token);\n   * rotate by changing the selector and publishing a\n   * new TXT record.\n   */\n  selector?: string\n\n  /**\n   * {@link Signer} that produces `TAI-Signature` over\n   * the framed payload from {@link taistampSignedPayload}.\n   * Without a signer the nonce is still echoed but the\n   * response is unsigned.\n   */\n  signer?: Signer\n}\n\n/**\n * Build a handler for `/.well-known/taistamp`.\n *\n * @param config - optional {@link TaistampHandlerConfig}\n * @returns an `async (request) => Response` callable\n *   directly as a Web `fetch` handler or as a Hono\n *   route handler.\n *\n * @throws TypeError if `signer` and `selector` are not\n *   both set or both unset, or if `selector` does not\n *   match `[A-Za-z][A-Za-z0-9_-]{0,62}`.\n *\n * @remarks\n * Behaviour:\n *\n * - `GET` / `HEAD` — body is a fresh 25-byte TAI64N\n *   label (`HEAD` omits the body). Response headers:\n *   Content-Type `application/tai64n`, Content-Length\n *   `25`, Cache-Control `no-store`, plus\n *   `TAI-Leap-Seconds` carrying the current count.\n * - Any other method — `405 Method Not Allowed` with\n *   `Allow: GET, HEAD`.\n * - Request with more than one `TAI-Nonce` header —\n *   `400 Bad Request`. Stricter than the spec's\n *   \"treat as absent\" rule: a duplicated singleton\n *   field is malformed input, so we refuse rather\n *   than silently down-ranking it to unsigned.\n * - Request `TAI-Nonce` — the value is echoed verbatim\n *   in the response.\n * - Request `TAI-Nonce` *and* `signer` configured *and*\n *   the request method is `GET` *and* the nonce field\n *   value is between 14 and 174 octets — adds\n *   `TAI-Key-Selector` and `TAI-Signature` (sf-binary)\n *   over the bytes produced by\n *   {@link taistampSignedPayload}. The\n *   domain-separation tag means the same key cannot\n *   be tricked into producing valid signatures for\n *   other protocols. `HEAD` and `405` responses are\n *   never signed.\n *\n * The corresponding public key is expected to be\n * published out-of-band as a DNS TXT record at\n * `<selector>._taistamp.<host>` — verifiers fetch the\n * key by selector so the operator can rotate keys by\n * publishing a new selector while the old one is\n * still cached.\n *\n * @see {@link https://cr.yp.to/libtai/tai64.html} for\n *   TAI64N format\n */\nexport const newTaistampHandler = (\n  config: TaistampHandlerConfig = {},\n): ((request: Request) => Promise<Response>) => {\n  const { selector, signer } = config;\n\n  if ((signer === undefined) !== (selector === undefined)) {\n    throw new TypeError(\n      'newTaistampHandler: signer and selector must be set together',\n    );\n  }\n  if (selector !== undefined && !SELECTOR_PATTERN.test(selector)) {\n    throw new TypeError(\n      `newTaistampHandler: selector must match ${SELECTOR_PATTERN.source}`,\n    );\n  }\n\n  return async (request) => {\n    if (request.method !== 'GET' && request.method !== 'HEAD') {\n      return new Response(undefined, {\n        status: 405,\n        headers: { allow: 'GET, HEAD' },\n      });\n    }\n\n    const nonce = request.headers.get(TAI64N_HEADER_NONCE);\n\n    // `TAI-Nonce` is a singleton sf-binary; a valid value\n    // contains no `,` of its own, so a comma in the joined\n    // header value means the client sent the field more\n    // than once.\n    if (nonce !== null && nonce.includes(',')) {\n      return new Response(undefined, { status: 400 });\n    }\n\n    const label = tai64nLabel();\n\n    const headers = new Headers({\n      'cache-control': 'no-store',\n      'content-length': String(TAI64N_CONTENT_LENGTH),\n      'content-type': TAI64N_CONTENT_TYPE,\n      [TAI64N_HEADER_LEAP_SECONDS]: String(TAI_OFFSET),\n    });\n\n    if (nonce !== null) {\n      headers.set(TAI64N_HEADER_NONCE, nonce);\n\n      const nonceLength = textEncoder.encode(nonce).length;\n      const inRange =\n        nonceLength >= NONCE_MIN_OCTETS && nonceLength <= NONCE_MAX_OCTETS;\n\n      if (\n        request.method === 'GET' &&\n        signer !== undefined &&\n        selector !== undefined &&\n        inRange\n      ) {\n        const message = taistampSignedPayload(\n          label,\n          TAI_OFFSET,\n          selector,\n          nonce,\n        );\n        const signature = await signer.sign(message);\n        headers.set(TAI64N_HEADER_KEY_SELECTOR, selector);\n        headers.set(\n          TAI64N_HEADER_SIGNATURE,\n          encodeStructuredBinary(signature),\n        );\n      }\n    }\n\n    const body = request.method === 'HEAD' ? undefined : label;\n    return new Response(body, { status: 200, headers });\n  };\n};\n","/**\n * Generic signer abstraction over a private key.\n *\n * @remarks\n * The handler doesn't care which algorithm or key\n * store produced the signature, only that signing\n * succeeded. Pluggable so consumers can wire in\n * HSM-backed, KMS-backed, or in-process WebCrypto\n * signers without touching the handler. Verifiers\n * must agree on the algorithm and the public key\n * out-of-band — typically by pinning the public key\n * to a DNS TXT record.\n */\nexport interface Signer {\n  /**\n   * Produce a signature over `message`.\n   *\n   * @param message - bytes to sign; the caller is\n   *   responsible for any framing or domain separation.\n   *   Typed as {@link BufferSource} to match WebCrypto's\n   *   own input shape — any `ArrayBuffer` or typed-array\n   *   view is accepted.\n   * @returns the raw signature bytes (algorithm-defined\n   *   length and encoding) as an `ArrayBuffer`, matching\n   *   WebCrypto's native output shape\n   */\n  sign: (message: BufferSource) => Promise<ArrayBuffer>\n}\n\n/**\n * Build a {@link Signer} backed by a WebCrypto Ed25519\n * private `CryptoKey`.\n *\n * @param key - Ed25519 private key with `'sign'` in\n *   `key.usages`. The algorithm `name` must be\n *   `'Ed25519'`.\n * @returns a {@link Signer} producing 64-byte raw\n *   Ed25519 signatures (R ‖ s, RFC 8032)\n *\n * @see {@link https://datatracker.ietf.org/doc/html/rfc8032}\n */\nexport const newEd25519Signer = (key: CryptoKey): Signer => ({\n  sign: async (message) => crypto.subtle.sign('Ed25519', key, message),\n});\n","import pkg from '../package.json' with { type: 'json' };\n\n/** Package version from package.json. */\nexport const VERSION: string = pkg.version;\n\nexport * from './const';\nexport {\n  newTaistampHandler,\n  type TaistampHandlerConfig,\n  taistampSignedPayload,\n} from './handler';\nexport {\n  newEd25519Signer,\n  type Signer,\n} from './signer';\nexport {\n  fromUTC,\n  now,\n  tai64nLabel,\n  tai64nLabelFromUTC,\n} from './utils';\n"],"names":[],"mappings":";;;;AAAO,MAAM,UAAA,GAAqB;AAE3B,MAAM,WAAA,GAAc;AAEpB,MAAM,mBAAA,GAAsB;AAC5B,MAAM,qBAAA,GAAwB,IAAI,EAAA,GAAK;AAEvC,MAAM,0BAAA,GAA6B;AACnC,MAAM,0BAAA,GAA6B;AACnC,MAAM,mBAAA,GAAsB;AAC5B,MAAM,uBAAA,GAA0B;AAEhC,MAAM,cAAA,GAAiB;;ACHvB,MAAM,OAAA,GAAU,CAAC,GAAA,KAA2B;AAEjD,EAAA,MAAM,GAAA,GAAM,IAAA,CAAK,KAAA,CAAM,GAAA,GAAM,GAAI,CAAA,GAAI,UAAA;AACrC,EAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,GAAQ,GAAA;AAC5B,EAAA,OAAO,EAAE,GAAA,EAAK,IAAA,EAAM,MAAA,EAAQ,UAAA,EAAW;AACzC;AAEO,MAAM,MAAM,MAAiB;AAClC,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,OAAO,QAAQ,GAAG,CAAA;AACpB;AAEO,MAAM,WAAA,GAAc,CAAC,KAAA,KAA8B;AACxD,EAAA,MAAM,EAAE,GAAA,EAAK,IAAA,EAAK,GAAI,SAAS,GAAA,EAAI;AAEnC,EAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,GAAA,GAAM,QAAQ,CAAA,GAAI,cAAA;AAC3C,EAAA,MAAM,QAAQ,GAAA,GAAM,QAAA;AAEpB,EAAA,MAAM,WAAW,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAA;AACnD,EAAA,MAAM,WAAW,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAA;AACnD,EAAA,MAAM,UAAU,IAAA,CAAK,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAA;AAEjD,EAAA,OAAO,CAAA,CAAA,EAAI,QAAQ,CAAA,EAAG,QAAQ,GAAG,OAAO,CAAA,CAAA;AAC1C;AAEO,MAAM,qBAAqB,CAAC,GAAA,KAAwB,WAAA,CAAY,OAAA,CAAQ,GAAG,CAAC;AAEnF,MAAM,QAAA,GAAW,UAAA;;ACxBjB,MAAM,gBAAA,GAAmB,8BAAA;AAEzB,MAAM,gBAAA,GAAmB,EAAA;AACzB,MAAM,gBAAA,GAAmB,GAAA;AAEzB,MAAM,WAAA,GAAc,IAAI,WAAA,EAAY;AASpC,MAAM,gBAAA,GAAmB,WAAA,CAAY,MAAA,CAAO,eAAe,CAAA;AAE3D,MAAM,OAAA,GAAU,CAAC,MAAA,KAAqC;AACpD,EAAA,IAAI,kBAAkB,UAAA,EAAY;AAChC,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAA,CAAY,MAAA,CAAO,MAAM,CAAA,EAAG;AAC9B,IAAA,OAAO,IAAI,UAAA;AAAA,MACT,MAAA,CAAO,MAAA;AAAA,MACP,MAAA,CAAO,UAAA;AAAA,MACP,MAAA,CAAO;AAAA,KACT;AAAA,EACF;AACA,EAAA,OAAO,IAAI,WAAW,MAAM,CAAA;AAC9B,CAAA;AASA,MAAM,sBAAA,GAAyB,CAAC,MAAA,KAAiC;AAG/D,EAAA,MAAM,KAAA,GAAQ,QAAQ,MAAM,CAAA;AAC5B,EAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,aAAA,CAAc,GAAG,KAAK,CAAC,CAAA;AACpD,EAAA,OAAO,IAAI,QAAQ,CAAA,CAAA,CAAA;AACrB,CAAA;AAkCO,MAAM,qBAAA,GAAwB,CACnC,KAAA,EACA,WAAA,EACA,UACA,KAAA,KACgB;AAChB,EAAA,MAAM,UAAA,GAAa,WAAA,CAAY,MAAA,CAAO,KAAK,CAAA;AAC3C,EAAA,MAAM,aAAA,GAAgB,WAAA,CAAY,MAAA,CAAO,QAAQ,CAAA;AACjD,EAAA,MAAM,UAAA,GAAa,WAAA,CAAY,MAAA,CAAO,KAAK,CAAA;AAE3C,EAAA,MAAM,SAAS,IAAI,WAAA;AAAA,IACjB,gBAAA,CAAiB,SACjB,UAAA,CAAW,MAAA,GACX,IACA,CAAA,GACA,aAAA,CAAc,SACd,UAAA,CAAW;AAAA,GACb;AACA,EAAA,MAAM,IAAA,GAAO,IAAI,UAAA,CAAW,MAAM,CAAA;AAElC,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,IAAA,CAAK,GAAA,CAAI,kBAAkB,MAAM,CAAA;AACjC,EAAA,MAAA,IAAU,gBAAA,CAAiB,MAAA;AAC3B,EAAA,IAAA,CAAK,GAAA,CAAI,YAAY,MAAM,CAAA;AAC3B,EAAA,MAAA,IAAU,UAAA,CAAW,MAAA;AACrB,EAAA,IAAI,SAAS,MAAM,CAAA,CAAE,SAAA,CAAU,MAAA,EAAQ,aAAa,KAAK,CAAA;AACzD,EAAA,MAAA,IAAU,CAAA;AACV,EAAA,IAAA,CAAK,MAAM,IAAI,aAAA,CAAc,MAAA;AAC7B,EAAA,MAAA,IAAU,CAAA;AACV,EAAA,IAAA,CAAK,GAAA,CAAI,eAAe,MAAM,CAAA;AAC9B,EAAA,MAAA,IAAU,aAAA,CAAc,MAAA;AACxB,EAAA,IAAA,CAAK,GAAA,CAAI,YAAY,MAAM,CAAA;AAE3B,EAAA,OAAO,MAAA;AACT;AAuFO,MAAM,kBAAA,GAAqB,CAChC,MAAA,GAAgC,EAAC,KACa;AAC9C,EAAA,MAAM,EAAE,QAAA,EAAU,MAAA,EAAO,GAAI,MAAA;AAE7B,EAAA,IAAK,MAAA,KAAW,MAAA,MAAgB,QAAA,KAAa,MAAA,CAAA,EAAY;AACvD,IAAA,MAAM,IAAI,SAAA;AAAA,MACR;AAAA,KACF;AAAA,EACF;AACA,EAAA,IAAI,aAAa,MAAA,IAAa,CAAC,gBAAA,CAAiB,IAAA,CAAK,QAAQ,CAAA,EAAG;AAC9D,IAAA,MAAM,IAAI,SAAA;AAAA,MACR,CAAA,wCAAA,EAA2C,iBAAiB,MAAM,CAAA;AAAA,KACpE;AAAA,EACF;AAEA,EAAA,OAAO,OAAO,OAAA,KAAY;AACxB,IAAA,IAAI,OAAA,CAAQ,MAAA,KAAW,KAAA,IAAS,OAAA,CAAQ,WAAW,MAAA,EAAQ;AACzD,MAAA,OAAO,IAAI,SAAS,MAAA,EAAW;AAAA,QAC7B,MAAA,EAAQ,GAAA;AAAA,QACR,OAAA,EAAS,EAAE,KAAA,EAAO,WAAA;AAAY,OAC/B,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA;AAMrD,IAAA,IAAI,KAAA,KAAU,IAAA,IAAQ,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AACzC,MAAA,OAAO,IAAI,QAAA,CAAS,MAAA,EAAW,EAAE,MAAA,EAAQ,KAAK,CAAA;AAAA,IAChD;AAEA,IAAA,MAAM,QAAQ,WAAA,EAAY;AAE1B,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,MAC1B,eAAA,EAAiB,UAAA;AAAA,MACjB,gBAAA,EAAkB,OAAO,qBAAqB,CAAA;AAAA,MAC9C,cAAA,EAAgB,mBAAA;AAAA,MAChB,CAAC,0BAA0B,GAAG,MAAA,CAAO,UAAU;AAAA,KAChD,CAAA;AAED,IAAA,IAAI,UAAU,IAAA,EAAM;AAClB,MAAA,OAAA,CAAQ,GAAA,CAAI,qBAAqB,KAAK,CAAA;AAEtC,MAAA,MAAM,WAAA,GAAc,WAAA,CAAY,MAAA,CAAO,KAAK,CAAA,CAAE,MAAA;AAC9C,MAAA,MAAM,OAAA,GACJ,WAAA,IAAe,gBAAA,IAAoB,WAAA,IAAe,gBAAA;AAEpD,MAAA,IACE,QAAQ,MAAA,KAAW,KAAA,IACnB,WAAW,MAAA,IACX,QAAA,KAAa,UACb,OAAA,EACA;AACA,QAAA,MAAM,OAAA,GAAU,qBAAA;AAAA,UACd,KAAA;AAAA,UACA,UAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,IAAA,CAAK,OAAO,CAAA;AAC3C,QAAA,OAAA,CAAQ,GAAA,CAAI,4BAA4B,QAAQ,CAAA;AAChD,QAAA,OAAA,CAAQ,GAAA;AAAA,UACN,uBAAA;AAAA,UACA,uBAAuB,SAAS;AAAA,SAClC;AAAA,MACF;AAAA,IACF;AAEA,IAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,KAAW,MAAA,GAAS,MAAA,GAAY,KAAA;AACrD,IAAA,OAAO,IAAI,QAAA,CAAS,IAAA,EAAM,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,EACpD,CAAA;AACF;;ACnPO,MAAM,gBAAA,GAAmB,CAAC,GAAA,MAA4B;AAAA,EAC3D,IAAA,EAAM,OAAO,OAAA,KAAY,MAAA,CAAO,OAAO,IAAA,CAAK,SAAA,EAAW,KAAK,OAAO;AACrE,CAAA;;ACxCO,MAAM,UAAkB,GAAA,CAAI;;;;"}

package/package.json

@@ -0,0 +1,73 @@
+{
+  "name": "@kagal/taistamp",
+  "version": "0.0.1",
+  "type": "module",
+  "description": "Signed TAI64N timestamps over HTTP",
+  "author": "Apptly Software Ltd <oss@apptly.co>",
+  "license": "MIT",
+  "homepage": "https://github.com/kagal-dev/taistamp/tree/main/packages/@kagal-taistamp#readme",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/kagal-dev/taistamp.git",
+    "directory": "packages/@kagal-taistamp"
+  },
+  "bugs": {
+    "url": "https://github.com/kagal-dev/taistamp/issues"
+  },
+  "keywords": [
+    "kagal",
+    "tai64n",
+    "taistamp",
+    "typescript"
+  ],
+  "types": "./dist/index.d.mts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.mts",
+      "default": "./dist/index.mjs"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "devDependencies": {
+    "@kagal/build-tsdoc": "~0.1.0",
+    "@kagal/cross-test": "~0.1.3",
+    "@poupe/eslint-config": "~0.9.1",
+    "@types/node": "^20.19.39",
+    "@vitest/coverage-istanbul": "^4.1.5",
+    "eslint": "^9.39.4",
+    "npm-run-all2": "^8.0.4",
+    "publint": "~0.3.18",
+    "rimraf": "^6.1.3",
+    "typescript": "~5.9.3",
+    "unbuild": "3.6.1",
+    "vitest": "^4.1.5"
+  },
+  "engines": {
+    "node": ">= 20.20.1",
+    "pnpm": ">= 10.33.2"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "unbuild",
+    "clean": "rimraf dist node_modules",
+    "dev": "vitest",
+    "dev:prepare": "unbuild --stub",
+    "lint": "eslint --fix .",
+    "lint:_pkg-pr-new": "eslint --fix package.json",
+    "lint:check": "eslint .",
+    "precommit": "run-s dev:prepare lint type-check build test",
+    "publint": "publint",
+    "publish:maybe": "npm view ${npm_package_name}@${npm_package_version} version 2>/dev/null && echo \"${npm_package_name}@${npm_package_version} already published\" || pnpm publish",
+    "test": "vitest run",
+    "test:coverage": "vitest run --coverage",
+    "test:watch": "vitest",
+    "type-check": "run-s type-check:main type-check:tools type-check:tests",
+    "type-check:main": "tsc --noEmit -p tsconfig.json",
+    "type-check:tests": "tsc --noEmit -p tsconfig.tests.json",
+    "type-check:tools": "tsc --noEmit -p tsconfig.tools.json"
+  }
+}